Brocade Aims for IPv6 with NAT64

Enabling applications to be accessible over both IPv4 and IPv6 networks is a challenge that networking vendor Brocade aims to solve. The new Brocade ADX application delivery switch system update includes new capabilities to help enable enterprises access their applications over both IPv4 and IPv6 networks.

Rather than take a tunneling approach to providing IPv6 and IPv4 access, Brocade is leveraging the NAT64 approach:

"We're delivering a NAT64 gateway built on the back of the Brocade ADX platform," Keith Stewart, director product management for Application Delivery Products at Brocade told InternetNews.com. "This enables IPv6 clients to talk to legacy IPv4 applications and vice versa."

The NAT64 technology is part of the ADX 12.3 software update for Brocade ADX systems. Stewart noted that by having NAT64 on an application delivery controller, application behaviors can be maintained across either IPv4 or IPv6 networks.

Stewart explained that the NAT64 standard comes out of the IETF and is accompanied by the DNS64 standard to handle IPv4/IPv6 DNS needs.

"Effectively the NAT64 gateway announces the addresses on the other side of it, so if you have a client that has resolved DNS, the destination IP will point to the gateway," Stewart said. "The gateway will then translate that to the other side over the alternative protocol."

He added that the difference between NAT64 and tunneling approaches for IPv4/IPv6 is that tunneling is largely based around overlaying one network on top of the other, while NAT64 is about address translation.

For some applications, whether traffic originates on IPv4 or IPv6, doesn't matter.

"If you have a dumb application that runs over TCP that doesn't have any interconnect with lower level networking constructs, then it doesn't matter," Stewart said. "But many applications hook down to lower level constructs for the purpose of a control protocol."

One such use case is with SIP where an IP address is used as an identifier for participants in a conversation. Lower level constructs are also used in HTTP for audit log purposes.

"An application delivery controller is a flexible device so using our capabilities organizations have the ability to customize handling," Stewart said. "However there are some applications that will still run into problems."

Stewart noted that applications with hard coded addresses and pointers can still be a problem.

"Applications that have really poorly implemented flash with self-referential embedded IP addresses are a problem," Stewart said. "The intention here is to try and mitigate the need for full application rewrites, but some things are so broken that you ultimately going to have go in and clean that stuff up."